Red Hat Bugzilla – Bug 152902
CAN-2005-0086 less buffer overflow
Last modified: 2008-05-01 11:38:06 EDT
Victor Ashik discovered a heap based buffer overflow in less, caused by a
patch added to the less package in Red Hat Enterprise Linux 3. An attacker
could construct a carefully crafted file that could cause less to crash or
possibly execute arbitrary code when opened. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0086
to this issue.
This issue may be RHEL3 specific. Must be checked.
------- Additional Comments From email@example.com 2005-02-10 19:09:27 ----
*** This bug has been marked as a duplicate of 2404 ***
------- Bug moved to this database by firstname.lastname@example.org 2005-03-30 18:31 -------
This bug previously known as bug 2426 at https://bugzilla.fedora.us/
Originally filed under the Fedora Legacy product and Package request component.
Unknown priority P2. Setting to default priority "normal".
Unknown platform PC. Setting to default platform "All".
Setting qa contact to the default for this product.
This bug either had no qa contact or an invalid one.
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.